Took payara 5 2022.2 for a testdrive with java 17

Hi,

I took payara 5 2022.2 for a java 17 testdrive but then I get an error I cant really understand.

[2022-05-02T19:39:46.449+0200] [Payara 5.2022.2] [SCHWERWIEGEND] [] [javax.enterprise.system.core] [tid: _ThreadID=104 _ThreadName=admin-thread-pool::admin-listener(1)] [timeMillis: 1651513186449] [levelValue: 1000] [[
  Exception while preparing the app]]

[2022-05-02T19:39:46.450+0200] [Payara 5.2022.2] [SCHWERWIEGEND] [NCLS-CORE-00026] [javax.enterprise.system.core] [tid: _ThreadID=104 _ThreadName=admin-thread-pool::admin-listener(1)] [timeMillis: 1651513186450] [levelValue: 1000] [[
  Exception during lifecycle processing
java.lang.IllegalAccessError: class com.sun.enterprise.security.provider.PolicyConfigurationImpl (in unnamed module @0x2682a335) cannot access class sun.net.www.ParseUtil (in module java.base) because module java.base does not export sun.net.www to unnamed module @0x2682a335
	at com.sun.enterprise.security.provider.PolicyConfigurationImpl.initialize(PolicyConfigurationImpl.java:774)
	at com.sun.enterprise.security.provider.PolicyConfigurationImpl.<init>(PolicyConfigurationImpl.java:180)
	at com.sun.enterprise.security.provider.PolicyConfigurationFactoryImpl.initializeRepository(PolicyConfigurationFactoryImpl.java:282)
	at com.sun.enterprise.security.provider.PolicyConfigurationFactoryImpl.<init>(PolicyConfigurationFactoryImpl.java:107)
	at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
	at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:499)
	at java.base/java.lang.reflect.ReflectAccess.newInstance(ReflectAccess.java:128)
	at java.base/jdk.internal.reflect.ReflectionFactory.newInstance(ReflectionFactory.java:347)
	at java.base/java.lang.Class.newInstance(Class.java:645)
	at javax.security.jacc.PolicyConfigurationFactory.getPolicyConfigurationFactory(PolicyConfigurationFactory.java:126)
	at com.sun.enterprise.security.jacc.JaccWebAuthorizationManager._getPolicyFactory(JaccWebAuthorizationManager.java:632)
	at com.sun.enterprise.security.jacc.JaccWebAuthorizationManager.getPolicyFactory(JaccWebAuthorizationManager.java:626)
	at com.sun.enterprise.security.jacc.JaccWebAuthorizationManager.initialise(JaccWebAuthorizationManager.java:438)
	at com.sun.enterprise.security.jacc.JaccWebAuthorizationManager.<init>(JaccWebAuthorizationManager.java:187)
	at com.sun.enterprise.security.web.integration.WebSecurityManagerFactory.createManager(WebSecurityManagerFactory.java:108)
	at com.sun.enterprise.security.ee.SecurityDeployer.loadPolicy(SecurityDeployer.java:267)
	at com.sun.enterprise.security.ee.SecurityDeployer.generateArtifacts(SecurityDeployer.java:206)
	at org.glassfish.deployment.common.SimpleDeployer.prepare(SimpleDeployer.java:88)
	at com.sun.enterprise.v3.server.ApplicationLifecycle.prepareModule(ApplicationLifecycle.java:1131)
	at com.sun.enterprise.v3.server.ApplicationLifecycle.prepare(ApplicationLifecycle.java:504)
	at org.glassfish.deployment.admin.DeployCommand.execute(DeployCommand.java:593)
	at com.sun.enterprise.v3.admin.CommandRunnerImpl$2$1.run(CommandRunnerImpl.java:556)
	at com.sun.enterprise.v3.admin.CommandRunnerImpl$2$1.run(CommandRunnerImpl.java:552)
	at java.base/java.security.AccessController.doPrivileged(AccessController.java:399)
	at java.base/javax.security.auth.Subject.doAs(Subject.java:376)
	at com.sun.enterprise.v3.admin.CommandRunnerImpl$2.execute(CommandRunnerImpl.java:551)
	at com.sun.enterprise.v3.admin.CommandRunnerImpl$3.run(CommandRunnerImpl.java:582)
	at com.sun.enterprise.v3.admin.CommandRunnerImpl$3.run(CommandRunnerImpl.java:574)
	at java.base/java.security.AccessController.doPrivileged(AccessController.java:399)
	at java.base/javax.security.auth.Subject.doAs(Subject.java:376)
	at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:573)
	at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:1497)
	at com.sun.enterprise.v3.admin.CommandRunnerImpl.access$1300(CommandRunnerImpl.java:120)
	at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1879)
	at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1755)
	at com.sun.enterprise.v3.admin.AdminAdapter.doCommand(AdminAdapter.java:604)
	at com.sun.enterprise.v3.admin.AdminAdapter.onMissingResource(AdminAdapter.java:256)
	at org.glassfish.grizzly.http.server.StaticHttpHandlerBase.service(StaticHttpHandlerBase.java:166)
	at com.sun.enterprise.v3.services.impl.ContainerMapper$HttpHandlerCallable.call(ContainerMapper.java:520)
	at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:217)
	at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:182)
	at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:156)
	at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:218)
	at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:95)
	at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:260)
	at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:177)
	at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:109)
	at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:88)
	at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:53)
	at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:524)
	at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:89)
	at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:94)
	at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:33)
	at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:114)
	at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:569)
	at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:549)
	at java.base/java.lang.Thread.run(Thread.java:833)
]]

[2022-05-02T19:39:46.454+0200] [Payara 5.2022.2] [SCHWERWIEGEND] [] [javax.enterprise.system.core] [tid: _ThreadID=104 _ThreadName=admin-thread-pool::admin-listener(1)] [timeMillis: 1651513186454] [levelValue: 1000] [[
  Exception while preparing the app : class com.sun.enterprise.security.provider.PolicyConfigurationImpl (in unnamed module @0x2682a335) cannot access class sun.net.www.ParseUtil (in module java.base) because module java.base does not export sun.net.www to unnamed module @0x2682a335]]

If i switch back to java 11 everything is fine. Any idea what is misconfigured or is this a bug I shall report?

Best,

KB

I suspect you carried old domain configuration with you. The one shipped with server already contains necessary JVM options to open those packages:

--add-exports=java.base/sun.net.www=ALL-UNNAMED
--add-exports=java.base/sun.security.util=ALL-UNNAMED
--add-opens=java.base/java.lang.invoke=ALL-UNNAMED
--add-exports=jdk.naming.dns/com.sun.jndi.dns=ALL-UNNAMED

@pdudits yes, you are right!
I did an export on my dev 2021.6 and imported it into 2022.2… had to manually fix the trouble with H2 versions on the EJB timer service though.

I did follow Upgrading Payara Server :: Payara Community Documentation here but there is no part on “for JDK 17 you need to do this…”

Are these settings all that are necessary or are there any other things to need to for Java 17?

Hey, the problem with the “import” of the settings from an earlier version is, that it is not a real import. It is a simply configuration replacement. So i would not do that in this way.

It is way better to use this approach via command line:

This approach does not accidentaly remove necessary settings.

Cheers